https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652824#M289903 <HTML><HEAD></HEAD><BODY><P>Small correction - your user should run SU53 right after he got the message about missing authorizaiton, he'll see which object/values were checked and were not successfull.</P><P></P><P>SU53 should be executed by the person who actually eperiences authorization problem.</P></BODY></HTML> Fri, 03 Nov 2006 17:50:55 GMT Former Member 2006-11-03T17:50:55Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652819#M289898 <HTML><HEAD></HEAD><BODY><P>The end-user gets an error message "PM:xxx No authorization for Plant XXXX in the TCODE screen".</P><P></P><P>I have debugged the TCODE, and no authorization checks are made within the program.</P><P></P><P>How do I check if the user is setup correctly? FYI - I do not have authorization to SU01.</P></BODY></HTML> Fri, 03 Nov 2006 15:11:08 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652819#M289898 Former Member 2006-11-03T15:11:08Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652820#M289899 <HTML><HEAD></HEAD><BODY><P>If you do not have authorization then your basis team should do this for you.</P><P></P><P>Cheers</P></BODY></HTML> Fri, 03 Nov 2006 15:17:41 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652820#M289899 Former Member 2006-11-03T15:17:41Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652821#M289900 <HTML><HEAD></HEAD><BODY><P>Hi:</P><P></P><P>It is quite possibel that there are certain &lt;b&gt;authorization checks&lt;/b&gt; for the plant. If there is a authorization check for that particular plant, then the user will on be able to execute for that plant.</P><P>SU21 is the transaction code for maintaining authorization check objects.</P><P></P><P>Regards,</P><P>Sookshma</P></BODY></HTML> Fri, 03 Nov 2006 16:16:33 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652821#M289900 Former Member 2006-11-03T16:16:33Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652822#M289901 <HTML><HEAD></HEAD><BODY><P>hi Ganadeep,</P><P> Sometimes your basis person or the client may restrict you from accessing few transactions ... for that check with the basis person for providing the authorizations </P><P></P><P>Regards,</P><P>santosh</P></BODY></HTML> Fri, 03 Nov 2006 16:22:21 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652822#M289901 Former Member 2006-11-03T16:22:21Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652823#M289902 <HTML><HEAD></HEAD><BODY><P>U can do SU53, whereby it would list the problem as to the object...than you can give appropriate rights to the particular user.</P></BODY></HTML> Fri, 03 Nov 2006 16:22:53 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652823#M289902 Former Member 2006-11-03T16:22:53Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652824#M289903 <HTML><HEAD></HEAD><BODY><P>Small correction - your user should run SU53 right after he got the message about missing authorizaiton, he'll see which object/values were checked and were not successfull.</P><P></P><P>SU53 should be executed by the person who actually eperiences authorization problem.</P></BODY></HTML> Fri, 03 Nov 2006 17:50:55 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652824#M289903 Former Member 2006-11-03T17:50:55Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652825#M289904 <HTML><HEAD></HEAD><BODY><P>Right, fool proof way is to run the transaction to the point where he gets the error message, then type /nSU53 in the tcode box at the top of the gui, then print the output and give to security guys.</P><P></P><P>Regards,</P><P>Rich Heilman</P></BODY></HTML> Fri, 03 Nov 2006 17:56:33 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652825#M289904 RichHeilman 2006-11-03T17:56:33Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652826#M289905 <HTML><HEAD></HEAD><BODY><P>We have been going back-and-forth with end-user and Basis to fix this issue. </P><P></P><P>The SU53 screen shot was submitted to Basis and they claim the user's autorization profile is correct. Is it possible for one authorization profile to interfere with another authorization profile?? Because the profile under contention should allow add/change/delete material classification attributes. But there exists another authorization profile against the same user that give him only display rights.</P><P></P><P>Another clarification from the user - Initial stand was that he saw the 'No authorizatoin for plant xxxx' message when he typed in the TCODE (which made me look for authorization checks in PBO module of the screen). But now, he states that the error message is displayed when he hits the ENTER key (so, the check is being made in PAI module, is it??).</P></BODY></HTML> Fri, 03 Nov 2006 18:10:21 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652826#M289905 Former Member 2006-11-03T18:10:21Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652827#M289906 <HTML><HEAD></HEAD><BODY><P>I would think it is in the PAI. </P><P></P><P>What tcode/program are we talking about?</P><P></P><P>Also what is the message id and number, you may be able to do a where used on this and find exactly where this message is coming from.</P><P></P><P>Regards,</P><P>Rich Heilman</P></BODY></HTML> Fri, 03 Nov 2006 18:14:27 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652827#M289906 RichHeilman 2006-11-03T18:14:27Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652828#M289907 <HTML><HEAD></HEAD><BODY><P>The program is a custom progoram.</P><P></P><P>The message displayed is </P><P>"PM:301 No authorization for Plant 0123" </P><P></P><P>I did perform a global search for this message is the message class, text symbols and did not get any results.</P></BODY></HTML> Fri, 03 Nov 2006 18:22:34 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652828#M289907 Former Member 2006-11-03T18:22:34Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652829#M289908 <HTML><HEAD></HEAD><BODY><P>What function module is it calling in this custom program, most likely it is coming from there.</P><P></P><P>Regards,</P><P>RIch Heilman</P></BODY></HTML> Fri, 03 Nov 2006 18:23:57 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652829#M289908 RichHeilman 2006-11-03T18:23:57Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652830#M289909 <HTML><HEAD></HEAD><BODY><P>If your user is getting error message and his SU53 keep showing missing authorization - then your BASIS folks need to check authorization again.</P><P>You can enable authorization trace in ST01 and check which objects/values have been checked.</P></BODY></HTML> Fri, 03 Nov 2006 18:42:47 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652830#M289909 Former Member 2006-11-03T18:42:47Z https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652831#M289910 <HTML><HEAD></HEAD><BODY><P>Guess I finally figured this one...</P><P></P><P>The user has two conflicting authorization profiles.</P><P>One profile give him 'display only' rights and the other profile authorizes him to execute a TCODE. The program behind the TCODE looks for a 'create' authority.</P><P></P><P>Basis has been notified and ticket has been re-routed to a different queue.</P></BODY></HTML> Fri, 03 Nov 2006 19:29:38 GMT https://community.sap.com/t5/application-development-and-automation-discussions/user-does-not-have-authorization/m-p/1652831#M289910 Former Member 2006-11-03T19:29:38Z